Hi Tom, Rafa, On Fri, Nov 06, 2020 at 12:37:47PM +0000, tom petch wrote: > Rafa > > My attempt to read the text keeps running into a brick wall (lockdown:-( > but I have a few new comments. I said sometime ago that the IESG would > likely find plenty to say and I see that Benjamin has lived up to my > expectations. I wish I could be as productive as him:-( > > For completeness, I include what I have found so far but suspect that > they will all be overtaken by IESG comments. > > RFC2247 I don't find good for DN; I find RFC4519 better but suspect that > X.520 would be better still but do not have a copy of that to hand; this > is the sort of thing I expect the IESG to have definite views on I agree that 2247 is not very good for DN (but I missed that in my own review; thank you for noticing it!). I think that the best reference might differ if we want the conventional string encoding of the DN vs the actual ASN.1 structure, but I think I would have to consult with some other experts to be certain of the right reference, in either case. -Ben -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
